Help with OpenSSL's OCSP responder serving pre-produced responses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Can anyone tell me how to serve pre-produced responses with OpenSSL's
OCSP responder? My current understanding is that what I'm doing should
work, but it doesn't. The pre-produced response correctly prints to
stdout...but it doesn't actually go back to the client (instead
openssl sends an RST).

Here's what I'm doing:

1) Setup a OCSP responder

openssl ocsp -index ca.db -port 8088 -rsigner ca.pem -CA ca.pem -text

2) Create a pre-produced response object for later use

openssl ocsp -issuer ca.pem -cert revoked.test.example.com.crt -text
-url http://127.0.0.1:8088
-respout resp_revoked_first.out

3) Start responder with pre-produced response

openssl ocsp -port 8088 -text -respin resp_revoked_first.out

4) Make a request and get error response (Error querying OCSP responder)

openssl ocsp -issuer ca.pem -cert revoked.test.example.com.crt -text
-url http://127.0.0.1:8088

Thoughts? Am I doing something stupid?



TIA,
Coty
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux